Apple quickly fixes severe security flaw in macOS

So there’s been a big security flaw in Apple’s macOS that the company fixed in 24 hours. I rarely cover security issues because where do you draw the line, right? Anyhow, the manner of disclosure of this specific flaw is drawing some ire.

Obviously, this isn’t great, and the manner of disclosure didn’t help much either. Usually it’s advisable to disclose these vulnerabilities privately to the vendor, so that it can patch any holes before malicious parties attempt to use them for their own gains. But that ship has sailed.

I’ve never quite understood this concept of “responsible disclosure”, where you give a multi-billion dollar company a few months to fix a severe security flaw before you go public. First, unless you’re on that company’s payroll, you have zero legal or moral responsibility to help that company protect its products or good name. Second, if the software I’m using has a severe security flaw, I’d rather very damn well please would like to know so I can do whatever I can to temporarily fix the issue, stop using the software, or take other mitigating steps.

I readily admit I’m not hugely experienced with this particular aspect of the technology sector, so I’m open to arguments to the contrary.

49 Comments

  1. FlyingJester 2017-11-29 11:53 pm EST
  2. leos 2017-11-30 12:20 am EST
    • Kochise 2017-11-30 11:14 am EST
    • riha 2017-11-30 1:13 pm EST
      • leos 2017-11-30 7:33 pm EST
      • wocowboy 2017-11-30 10:28 pm EST
  3. tonymus 2017-11-30 3:49 am EST
    • Carewolf 2017-11-30 3:42 pm EST
      • leos 2017-11-30 7:37 pm EST
        • The123king 2017-12-01 1:57 pm EST
    • StephenBeDoper 2017-12-02 9:50 pm EST
      • Alfman 2017-12-02 11:09 pm EST
        • StephenBeDoper 2017-12-03 9:27 pm EST
          • Alfman 2017-12-04 2:51 pm EST
  4. benjamin_mio 2017-11-30 6:03 am EST
    • Bill Shooter of Bul 2017-11-30 6:52 am EST
      • The123king 2017-11-30 7:57 am EST
    • cranfordio 2017-11-30 4:29 pm EST
  5. davidiwharper 2017-11-30 6:24 am EST
    • bert64 2017-12-01 11:49 am EST
      • davidiwharper 2017-12-03 12:08 am EST
  6. The123king 2017-11-30 7:55 am EST
    • dvhh 2017-12-01 2:42 am EST
  7. ov1d1u 2017-11-30 7:58 am EST
    • dvhh 2017-12-01 2:43 am EST
  8. Gone fishing 2017-11-30 8:19 am EST
    • The123king 2017-11-30 8:24 am EST
    • Megol 2017-11-30 11:22 am EST
      • MikeMe 2017-11-30 11:51 am EST
    • grat 2017-11-30 6:11 pm EST
    • Drumhellar 2017-11-30 10:55 pm EST
      • Sidux 2017-12-01 10:30 am EST
  9. emphyrio 2017-11-30 10:09 am EST
    • Megol 2017-11-30 11:28 am EST
      • emphyrio 2017-11-30 12:10 pm EST
  10. Licaon_Kter 2017-11-30 1:03 pm EST
  11. ahferroin7 2017-11-30 1:33 pm EST
  12. jessesmith 2017-11-30 3:47 pm EST
  13. shollomon 2017-11-30 4:05 pm EST
    • Alfman 2017-11-30 7:38 pm EST
      • avgalen 2017-11-30 9:25 pm EST
        • Alfman 2017-11-30 10:05 pm EST
  14. R65guy 2017-11-30 4:09 pm EST
  15. shollomon 2017-11-30 8:59 pm EST
    • Alfman 2017-11-30 9:45 pm EST
  16. wocowboy 2017-11-30 10:23 pm EST